Date: Thu, 6 Feb 1997 00:09:42 -0800 (PST) From: Stranger Bone <ben@narcissus.ml.org> To: "Jordan K. Hubbard" <jkh@time.cdrom.com> Cc: announce@freebsd.org, first-teams@first.org, freebsd-security-notification@freebsd.org, freebsd-security@freebsd.org Subject: Re: setlocale() bug in all released versions of FreeBSD (SA-97:01) Message-ID: <Pine.BSF.3.91.970206000922.5408G-100000@narcissus.ml.org> In-Reply-To: <199702060245.SAA26311@time.cdrom.com>
next in thread | previous in thread | raw e-mail | index | archive | help
On Wed, 5 Feb 1997, Jordan K. Hubbard wrote: > ============================================================================= > FreeBSD-SA-97:01 Security Advisory > Revised: Wed Feb 05 09:58:56 PDT 1997 FreeBSD, Inc. > > Topic: setlocale() bug in all released versions of FreeBSD > > Category: core > Module: libc > Announced: 1997-02-05 > Affects: FreeBSD 2.1.6 and earlier systems suffer from this > vulnerability for all binaries due to setlocale() being > called from crt0.o. > > Corrected: 1997-02-05 -stable, 1996-11-27 -current and RELENG_2_2 sources > Source: FreeBSD specific bug > FreeBSD only: unknown > > Patches: ftp://freebsd.org/pub/CERT/patches/SA-97:01/ ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^ This directory doesn't appear to exist. Ben "You have your mind on computers, it seems."
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?Pine.BSF.3.91.970206000922.5408G-100000>